[gentoo-commits] repo/gentoo:master commit in: mail-mta/opensmtpd/, mail-mta/opensmtpd/files/

[gentoo-commits] repo/gentoo:master commit in: mail-mta/opensmtpd/, mail-mta/opensmtpd/files/

[Jason Donenfeld]

commit:     8146a1f86e72210919cd8a0020aaf19838da0637
Author:     Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>
AuthorDate: Wed Mar  2 16:37:51 2016 +0000
Commit:     Jason Donenfeld <zx2c4 <AT> gentoo <DOT> org>
CommitDate: Wed Mar  2 16:38:16 2016 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8146a1f8

mail-mta/opensmtpd: do not crash with libressl

 ...d-5.7.3p2-libressl-arc4random-circularity.patch | 35 ++++++++++++++++++++++
 ...3_p2-r1.ebuild => opensmtpd-5.7.3_p2-r2.ebuild} |  3 +-
 2 files changed, 37 insertions(+), 1 deletion(-)

diff --git a/mail-mta/opensmtpd/files/opensmtpd-5.7.3p2-libressl-arc4random-circularity.patch b/mail-mta/opensmtpd/files/opensmtpd-5.7.3p2-libressl-arc4random-circularity.patch
new file mode 100644
index 0000000..7c35862
--- /dev/null
+++ b/mail-mta/opensmtpd/files/opensmtpd-5.7.3p2-libressl-arc4random-circularity.patch
@@ -0,0 +1,35 @@
+diff -ru opensmtpd-5.7.3p2/openbsd-compat/arc4random.c opensmtpd-5.7.3p2-fixed/openbsd-compat/arc4random.c
+--- opensmtpd-5.7.3p2/openbsd-compat/arc4random.c	2016-02-02 08:40:06.000000000 +0100
++++ opensmtpd-5.7.3p2-fixed/openbsd-compat/arc4random.c	2016-03-02 17:34:24.535030362 +0100
+@@ -188,6 +188,7 @@
+ 	_ARC4_UNLOCK();
+ }
+ 
++#if 0
+ u_int32_t
+ arc4random(void)
+ {
+@@ -198,12 +199,13 @@
+ 	_ARC4_UNLOCK();
+ 	return val;
+ }
++#endif
+ 
+ /*
+  * If we are providing arc4random, then we can provide a more efficient 
+  * arc4random_buf().
+  */
+-# ifndef HAVE_ARC4RANDOM_BUF
++#if 0
+ void
+ arc4random_buf(void *buf, size_t n)
+ {
+@@ -215,7 +217,7 @@
+ #endif /* !HAVE_ARC4RANDOM */
+ 
+ /* arc4random_buf() that uses platform arc4random() */
+-#if !defined(HAVE_ARC4RANDOM_BUF) && defined(HAVE_ARC4RANDOM)
++#if 0
+ void
+ arc4random_buf(void *_buf, size_t n)
+ {

diff --git a/mail-mta/opensmtpd/opensmtpd-5.7.3_p2-r1.ebuild b/mail-mta/opensmtpd/opensmtpd-5.7.3_p2-r2.ebuild
similarity index 94%
rename from mail-mta/opensmtpd/opensmtpd-5.7.3_p2-r1.ebuild
rename to mail-mta/opensmtpd/opensmtpd-5.7.3_p2-r2.ebuild
index ef9a286..dc90b46 100644
--- a/mail-mta/opensmtpd/opensmtpd-5.7.3_p2-r1.ebuild
+++ b/mail-mta/opensmtpd/opensmtpd-5.7.3_p2-r2.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2015 Gentoo Foundation
+# Copyright 1999-2016 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
 # $Id$
 
@@ -47,6 +47,7 @@ S=${WORKDIR}/${MY_P/_}
 src_prepare() {
 	# Use /run instead of /var/run
 	sed -i -e '/pidfile_path/s:_PATH_VARRUN:"/run/":' openbsd-compat/pidfile.c || die
+	use libressl && epatch "${FILESDIR}/${PN}-5.7.3p2-libressl-arc4random-circularity.patch"
 
 	epatch_user
 	eautoreconf

[gentoo-commits] repo/gentoo:master commit in: mail-mta/opensmtpd/, mail-mta/opensmtpd/files/

[Jason Donenfeld]

commit:     6b942fddbba8dc6102a52a372ea2a7301995b606
Author:     Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>
AuthorDate: Wed Jun  8 08:04:12 2016 +0000
Commit:     Jason Donenfeld <zx2c4 <AT> gentoo <DOT> org>
CommitDate: Wed Jun  8 08:04:23 2016 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6b942fdd

mail-mta/opensmtpd: repair snapshot for v6

Package-Manager: portage-2.3.0_rc1

 ...smtpd-5.9.2.201606071034_p1-ipv6-net-pton.patch | 50 ++++++++++++
 .../opensmtpd-5.9.2.201606071034_p1-r1.ebuild      | 94 ++++++++++++++++++++++
 2 files changed, 144 insertions(+)

diff --git a/mail-mta/opensmtpd/files/opensmtpd-5.9.2.201606071034_p1-ipv6-net-pton.patch b/mail-mta/opensmtpd/files/opensmtpd-5.9.2.201606071034_p1-ipv6-net-pton.patch
new file mode 100644
index 0000000..9841a7e
--- /dev/null
+++ b/mail-mta/opensmtpd/files/opensmtpd-5.9.2.201606071034_p1-ipv6-net-pton.patch
@@ -0,0 +1,50 @@
+From 988cff352d6b3dd5fe3224d7ebce361fca5c0b4f Mon Sep 17 00:00:00 2001
+From: gilles <gilles@poolp.org>
+Date: Wed, 8 Jun 2016 08:23:02 +0200
+Subject: [PATCH] on systems with a broken inet_net_pton() that does not
+ support IPv6, fallback to broken_net_inet_pton_ipv6() when errno ==
+ EAFNOSUPPORT
+
+---
+ smtpd/to.c | 14 ++++++++++----
+ 1 file changed, 10 insertions(+), 4 deletions(-)
+
+diff --git a/smtpd/to.c b/smtpd/to.c
+index 4a6a765..4b592be 100644
+--- a/smtpd/to.c
++++ b/smtpd/to.c
+@@ -60,7 +60,7 @@ static int alias_is_filename(struct expandnode *, const char *, size_t);
+ static int alias_is_include(struct expandnode *, const char *, size_t);
+ static int alias_is_error(struct expandnode *, const char *, size_t);
+ 
+-static int temp_inet_net_pton_ipv6(const char *, void *, size_t);
++static int broken_inet_net_pton_ipv6(const char *, void *, size_t);
+ 
+ const char *
+ sockaddr_to_text(struct sockaddr *sa)
+@@ -301,8 +301,14 @@ text_to_netaddr(struct netaddr *netaddr, const char *s)
+ 	} else {
+ 		bits = inet_net_pton(AF_INET6, s, &ssin6.sin6_addr,
+ 		    sizeof(struct in6_addr));
+-		if (bits == -1)
+-			return 0;
++		if (bits == -1) {
++			if (errno != EAFNOSUPPORT)
++				return 0;
++			bits = broken_inet_net_pton_ipv6(s, &ssin6.sin6_addr,
++			    sizeof(struct in6_addr));
++			if (bits == -1)
++				return 0;
++		}
+ 		ssin6.sin6_family = AF_INET6;
+ 		memcpy(&ss, &ssin6, sizeof(ssin6));
+ #ifdef HAVE_STRUCT_SOCKADDR_STORAGE_SS_LEN
+@@ -896,7 +902,7 @@ alias_is_error(struct expandnode *alias, const char *line, size_t len)
+ }
+ 
+ static int
+-temp_inet_net_pton_ipv6(const char *src, void *dst, size_t size)
++broken_inet_net_pton_ipv6(const char *src, void *dst, size_t size)
+ {
+ 	int	ret;
+ 	int	bits;

diff --git a/mail-mta/opensmtpd/opensmtpd-5.9.2.201606071034_p1-r1.ebuild b/mail-mta/opensmtpd/opensmtpd-5.9.2.201606071034_p1-r1.ebuild
new file mode 100644
index 0000000..bec67bd
--- /dev/null
+++ b/mail-mta/opensmtpd/opensmtpd-5.9.2.201606071034_p1-r1.ebuild
@@ -0,0 +1,94 @@
+# Copyright 1999-2016 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=5
+
+inherit multilib user flag-o-matic eutils pam toolchain-funcs autotools systemd versionator
+
+DESCRIPTION="Lightweight but featured SMTP daemon from OpenBSD"
+HOMEPAGE="http://www.opensmtpd.org/"
+MY_P="${P}"
+if [ $(get_last_version_component_index) -eq 4 ]; then
+	MY_P="${PN}-$(get_version_component_range 4-)"
+fi
+SRC_URI="https://www.opensmtpd.org/archives/${MY_P/_}.tar.gz"
+
+LICENSE="ISC BSD BSD-1 BSD-2 BSD-4"
+SLOT="0"
+KEYWORDS="~amd64 ~x86"
+IUSE="libressl pam +mta"
+
+DEPEND="!libressl? ( dev-libs/openssl:0 )
+		libressl? ( dev-libs/libressl )
+		sys-libs/zlib
+		pam? ( virtual/pam )
+		sys-libs/db:=
+		dev-libs/libevent
+		app-misc/ca-certificates
+		net-mail/mailbase
+		net-libs/libasr
+		!mail-mta/courier
+		!mail-mta/esmtp
+		!mail-mta/exim
+		!mail-mta/mini-qmail
+		!mail-mta/msmtp[mta]
+		!mail-mta/netqmail
+		!mail-mta/nullmailer
+		!mail-mta/postfix
+		!mail-mta/qmail-ldap
+		!mail-mta/sendmail
+		!mail-mta/ssmtp[mta]
+"
+RDEPEND="${DEPEND}"
+
+S=${WORKDIR}/${MY_P/_}
+
+src_prepare() {
+	# Use /run instead of /var/run
+	sed -i -e '/pidfile_path/s:_PATH_VARRUN:"/run/":' openbsd-compat/pidfile.c || die
+	epatch "${FILESDIR}/${P}-ipv6-net-pton.patch"
+	epatch_user
+	eautoreconf
+}
+
+src_configure() {
+	tc-export AR
+	AR="$(which "$AR")" econf \
+		--with-table-db \
+		--with-user-smtpd=smtpd \
+		--with-user-queue=smtpq \
+		--with-group-queue=smtpq \
+		--with-path-socket=/run \
+		--with-path-CAfile=/etc/ssl/certs/ca-certificates.crt \
+		--sysconfdir=/etc/opensmtpd \
+		$(use_with pam auth-pam)
+}
+
+src_install() {
+	default
+	newinitd "${FILESDIR}"/smtpd.initd smtpd
+	systemd_dounit "${FILESDIR}"/smtpd.{service,socket}
+	use pam && newpamd "${FILESDIR}"/smtpd.pam smtpd
+	if use mta ; then
+		dodir /usr/sbin
+		dosym /usr/sbin/smtpctl /usr/sbin/sendmail
+		dosym /usr/sbin/smtpctl /usr/bin/sendmail
+		dosym /usr/sbin/smtpctl /usr/$(get_libdir)/sendmail
+	fi
+}
+
+pkg_preinst() {
+	enewgroup smtpd 25
+	enewuser smtpd 25 -1 /var/empty smtpd
+	enewgroup smtpq 252
+	enewuser smtpq 252 -1 /var/empty smtpq
+}
+
+pkg_postinst() {
+	einfo
+	einfo "Plugins for SQLite, MySQL, PostgreSQL, LDAP, socketmaps,"
+	einfo "Redis, and many other useful addons and filters are"
+	einfo "available in the mail-filter/opensmtpd-extras package."
+	einfo
+}

[gentoo-commits] repo/gentoo:master commit in: mail-mta/opensmtpd/, mail-mta/opensmtpd/files/

[Jason A. Donenfeld]

commit:     bdcfa74624ec6f20fb94661457a3ba5fe70e56c3
Author:     Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>
AuthorDate: Tue Feb 25 02:01:47 2020 +0000
Commit:     Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>
CommitDate: Tue Feb 25 02:02:51 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bdcfa746

mail-mta/opensmtpd: apply security fixes

Package-Manager: Portage-2.3.88, Repoman-2.3.20
Signed-off-by: Jason A. Donenfeld <zx2c4 <AT> gentoo.org>

 mail-mta/opensmtpd/Manifest                        |  2 +-
 .../files/opensmtpd-6.0.3_p1-security-fixes.patch  | 32 ++++++++++++++++++++++
 ...3_p1-r2.ebuild => opensmtpd-6.0.3_p1-r3.ebuild} |  0
 ...d-6.6.2_p1.ebuild => opensmtpd-6.6.4_p1.ebuild} |  0
 4 files changed, 33 insertions(+), 1 deletion(-)

diff --git a/mail-mta/opensmtpd/Manifest b/mail-mta/opensmtpd/Manifest
index 725fb596054..0c001fb94e6 100644
--- a/mail-mta/opensmtpd/Manifest
+++ b/mail-mta/opensmtpd/Manifest
@@ -1,2 +1,2 @@
 DIST opensmtpd-6.0.3p1.tar.gz 699702 BLAKE2B 49f08e8329adc049a562b6ef7efa4c0a39cbcfe8a158cb905cfc726a7302ffe9833ccfb52041340767d55d0f2ae2087e8eac92b7359016c6c76b4d963a334558 SHA512 e579818a0ddbe637deb5a4e40f43eaf797783903ceac18fd89a57581b135b9e407d424e1a70ff7b4b06a0ee50bafb6e8ab2451371917887904b06ff1b55d320f
-DIST opensmtpd-6.6.2p1.tar.gz 777422 BLAKE2B e372a10f618e83ccb6c782d056750f89a5224898a28957509ab306fbe8bb4ea94462c1bbccbbe9c0dea64623c250d9fe9f3b74f2e26eda5d6c232bec50bff1d0 SHA512 b0f7ea94514a4a1880a22996064caa7da0a15e6453236ca2f004402125affa80e9d8c25d3e63826b45045305851959bc58c2c855829e46d6967bf6cd13bd1e91
+DIST opensmtpd-6.6.4p1.tar.gz 790754 BLAKE2B 18cc19569ae764eff3d672cbfb87df7bd00afcce93705ad128e935c0a47a246c3a6166fca7b6f844c0dd5e728492d8aeb7e0f8a8c1f5a756bf356ae9afb80852 SHA512 267307c91f4fcf21624b0897dfb1f5638b77da7b8d9a02211d734ed2cc5bd39ea7542ae7f200255e2945518fbe7609a0e5aa4e5c6dcb8146014f08b3845c108b

diff --git a/mail-mta/opensmtpd/files/opensmtpd-6.0.3_p1-security-fixes.patch b/mail-mta/opensmtpd/files/opensmtpd-6.0.3_p1-security-fixes.patch
index 58f3ed8c38b..b22f3af1fbe 100644
--- a/mail-mta/opensmtpd/files/opensmtpd-6.0.3_p1-security-fixes.patch
+++ b/mail-mta/opensmtpd/files/opensmtpd-6.0.3_p1-security-fixes.patch
@@ -89,3 +89,35 @@ diff -ru OpenSMTPD-opensmtpd-6.0.3/smtpd/smtp_session.c OpenSMTPD-opensmtpd-6.0.
  	return (1);
  }
  
+diff -ru opensmtpd-6.0.3p1/smtpd/mta_session.c opensmtpd-6.0.3p1-modified/smtpd/mta_session.c
+--- opensmtpd-6.0.3p1/smtpd/mta_session.c	2018-01-10 21:06:40.000000000 +0800
++++ opensmtpd-6.0.3p1-modified/smtpd/mta_session.c	2020-02-25 09:57:04.624147227 +0800
+@@ -1214,7 +1214,7 @@
+ 		if (cont) {
+ 			if (s->replybuf[0] == '\0')
+ 				(void)strlcat(s->replybuf, line, sizeof s->replybuf);
+-			else {
++			else if (len > 4) {
+ 				line = line + 4;
+ 				if (isdigit((int)*line) && *(line + 1) == '.' &&
+ 				    isdigit((int)*line+2) && *(line + 3) == '.' &&
+@@ -1229,7 +1229,9 @@
+ 		/* last line of a reply, check if we're on a continuation to parse out status and ESC.
+ 		 * if we overflow reply buffer or are not on continuation, log entire last line.
+ 		 */
+-		if (s->replybuf[0] != '\0') {
++		if (s->replybuf[0] == '\0')
++			(void)strlcat(s->replybuf, line, sizeof s->replybuf);
++		else if (len > 4) {
+ 			p = line + 4;
+ 			if (isdigit((int)*p) && *(p + 1) == '.' &&
+ 			    isdigit((int)*p+2) && *(p + 3) == '.' &&
+@@ -1238,8 +1240,6 @@
+ 			if (strlcat(s->replybuf, p, sizeof s->replybuf) >= sizeof s->replybuf)
+ 				(void)strlcpy(s->replybuf, line, sizeof s->replybuf);
+ 		}
+-		else
+-			(void)strlcpy(s->replybuf, line, sizeof s->replybuf);
+ 
+ 		if (s->state == MTA_QUIT) {
+ 			log_info("%016"PRIx64" mta event=closed reason=quit messages=%zu",

diff --git a/mail-mta/opensmtpd/opensmtpd-6.0.3_p1-r2.ebuild b/mail-mta/opensmtpd/opensmtpd-6.0.3_p1-r3.ebuild
similarity index 100%
rename from mail-mta/opensmtpd/opensmtpd-6.0.3_p1-r2.ebuild
rename to mail-mta/opensmtpd/opensmtpd-6.0.3_p1-r3.ebuild

diff --git a/mail-mta/opensmtpd/opensmtpd-6.6.2_p1.ebuild b/mail-mta/opensmtpd/opensmtpd-6.6.4_p1.ebuild
similarity index 100%
rename from mail-mta/opensmtpd/opensmtpd-6.6.2_p1.ebuild
rename to mail-mta/opensmtpd/opensmtpd-6.6.4_p1.ebuild